<?php
require_once 'config21.php';
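// Delete one row from `nationalbird`, identified by the `id` query parameter,
// then send the browser back to the list page.

// Require an authenticated session before doing anything else.
// NOTE(review): $_SESSION is read here but session_start() is not visible in
// this file — presumably config21.php starts the session; confirm.
if (!isset($_SESSION['userid'])) {
    header('Location: login21.php');
    exit();
}

// NOTE(review): this is a state-changing request carried by GET and no
// anti-CSRF token is checked. It should become a POST with a per-session token
// compared via hash_equals(); left as-is here because the page that links to
// this script is outside this file and would have to change with it.
// NOTE(review): only "is logged in" is verified. Nothing visible ties the row
// to the session user — confirm that every authenticated user is meant to be
// able to delete any record.

// Coerce the id to an integer and reject anything that is not a positive
// record number.
$no = isset($_GET['id']) ? (int)$_GET['id'] : 0;

if ($no <= 0) {
    die('无效的记录ID');
}

// Parameterised statement: the id is bound as an integer, never concatenated
// into the SQL text.
$stmt = mysqli_prepare($conn, "DELETE FROM nationalbird WHERE no = ?");
if ($stmt === false) {
    // prepare can fail (for example when the table is missing); binding on
    // `false` would be a fatal error. Keep the driver detail in the server
    // log and show only a generic message to the client.
    error_log('nationalbird delete: prepare failed: ' . mysqli_error($conn));
    mysqli_close($conn);
    die('删除失败');
}
mysqli_stmt_bind_param($stmt, 'i', $no);

if (mysqli_stmt_execute($stmt)) {
    echo '删除成功';
    // Client-side redirect, because output has already been sent.
    echo "<script>location.href='list_nationalbird21.php';</script>";
} else {
    // The raw database error is logged rather than echoed: it can expose
    // schema and server details to whoever is using the page.
    error_log('nationalbird delete: execute failed: ' . mysqli_stmt_error($stmt));
    echo '删除失败';
}

mysqli_stmt_close($stmt);
mysqli_close($conn);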
?>